fix: http_server source auth — correct field names and strategies per Vector docs

[TerrifiedBug]

Summary

• Root cause: VectorFlow's http_server source used the shared authBasicBearerSchema which defines user/token fields with basic/bearer strategies. But Vector's http_server source is server-mode auth (validates incoming requests) and expects different fields:
  • username (not user)
  • password for basic auth
  • source (VRL expression) for custom auth
  • Strategies: basic and custom only — no bearer support
• Created dedicated authHttpServerSchema() with correct field names and strategies
• Also strip empty nested objects during YAML/TOML generation so omitting auth doesn't produce auth: {}

Test plan

• Create an HTTP Server source with no auth — should validate without auth: block in YAML
• Create an HTTP Server source with basic auth — should output auth.username and auth.password
• Create an HTTP Server source with custom auth — should output auth.source (VRL expression)
• Verify bearer auth is no longer offered for http_server
• Verify other components (http_client, websocket, sinks) still work with existing auth schemas

[greptile-apps]

Greptile Summary

This PR fixes a correctness bug in VectorFlow's http_server source configuration: the shared authBasicBearerSchema (designed for client-mode outbound auth) was incorrectly applied to server-mode incoming-request auth, producing wrong field names (user instead of username) and offering the unsupported bearer strategy. A dedicated authHttpServerSchema is introduced with the correct fields and strategies per Vector's documentation, and both YAML and TOML generators are updated to strip fully-empty nested objects so that leaving auth unconfigured no longer emits auth: {}.

• Schema fix — new authHttpServerSchema() in shared.ts uses username/password for basic auth and source (VRL expression) for custom auth, with only basic/custom strategies, matching Vector's http_server source spec.
• Source wiring — network.ts replaces authBasicBearerSchema() with authHttpServerSchema() for the http_server source.
• Empty-object stripping — both yaml-generator.ts and toml-generator.ts now delete any nested object entry whose every value is null, undefined, or "", preventing invalid auth: {} blocks in generated configs. The Object.entries() snapshot approach is safe for in-loop deletion.
• The stripping condition correctly preserves partially-filled objects (e.g., { strategy: "basic", username: "" } is kept because strategy is non-empty) and handles vacuous truth for {} — both intentional and correct behaviours.

Confidence Score: 5/5

• This PR is safe to merge — it corrects a clear field-name and strategy mismatch against Vector's documented http_server auth spec with no side-effects on other components.
• The schema change is isolated to a new function; the only consumer changed is the http_server source. The empty-object stripping is a shallow, one-level pass that is guarded against arrays and primitives, and uses an Object.entries() snapshot so in-loop deletion is safe. No existing auth schemas or generators are modified in a breaking way.
• No files require special attention.

Important Files Changed

Filename	Overview
src/lib/vector/schemas/shared.ts	Adds authHttpServerSchema() with correct Vector http_server auth fields (username/password/source) and strategies (basic/custom only — no bearer). Clean addition alongside existing authBasicBearerSchema.
src/lib/vector/schemas/sources/network.ts	Correctly swaps authBasicBearerSchema() for authHttpServerSchema() on the http_server source — the core fix for mismatched field names and unsupported bearer strategy.
src/lib/config-generator/yaml-generator.ts	Adds pre-serialization stripping of nested objects whose every value is null/undefined/"", preventing auth: {} from appearing in generated YAML when no auth is configured.
src/lib/config-generator/toml-generator.ts	Identical empty-object stripping logic added for TOML output, consistent with yaml-generator change. The TOML formatter already silently skips null values, so this is mostly a defensive improvement.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[http_server source node config] --> B{auth object present?}
    B -- "all values null / empty string" --> C["Strip auth key\n(new empty-object stripping logic)"]
    B -- "strategy = basic" --> D["Keep auth\nauth.username + auth.password"]
    B -- "strategy = custom" --> E["Keep auth\nauth.source VRL expression"]
    C --> F[Generate YAML / TOML\nno auth block emitted]
    D --> F
    E --> F
    F --> G[Vector config delivered to agent]

    style C fill:#f9f,stroke:#333
    style D fill:#9f9,stroke:#333
    style E fill:#9f9,stroke:#333

Loading

_{Last reviewed commit: 34b0120}